Outlook hacked: Microsoft customer support security bypassed

Outlook hacked: Microsoft customer support security bypassed

Outlook hacked is official: if you have an Outlook account, it is very likely that your personal data has been compromised by an unknown group of hackers. In fact, a short while ago, some cyber criminals managed to bypass Microsoft's customer support security systems, accessing information about some of the email addresses registered on Outlook.

What happened?

A Reddit user recently posted a screenshot of an email from Microsoft in which he was warned about unauthorized access to his Outlook account between January 2018 and March 2019, and other users have reported the same thing. The email in question claims that hackers managed to get hold of the credentials of one of Microsoft's customer service employees, and then use them to access user data, but not emails or attachments. After all, the only information the customer service department itself can access is limited to email address, username, email subject and recipient email address.

"Our data shows that the hackers were able to view account information (but not email content), however Microsoft has not identified any clues as to why that information was viewed and how it was used."

This is what the company says in the email sent to affected users. Using the credentials of the customer service employee, the cyber criminals were also able to bypass the double authentication, thus accessing the information they wanted without having to log into each account manually.

It is not clear how it happened, that is, how the hackers obtained the employee's information, however Microsoft wants to emphasize that the same credentials were revoked and all affected users were informed about the incident: in this way the cyber criminals immediately lost access to the stolen data. The users who were victims of the attack, however, would not be so many, at least according to what the company itself says...but it refused to provide the exact number.

Microsoft's recommendations

Although the attack did not have a direct effect on the users' access data, Microsoft recommends to change passwords, just because caution is never too much. The company said:

"Microsoft is sorry for any inconvenience the incident may have caused...but we assure you that Microsoft takes the protection of its users' data very seriously, which is why it has put its security and privacy staff to work to get to the bottom of the issue as well as strengthen anti-hacker measures in order to prevent further cases of this type."

Swascan Marketing Team